Europe’s Data Protection Commission (DPC) officially ended its investigation into X after the social media platform agreed to cease using personal data from European users to train its Grok artificial intelligence chatbot.
The dispute centered on the DPC’s concerns regarding the processing of the personal information of millions of European users of the X platform. The DPC stated that the data was to be used to train AI systems.
During the High Court hearing, the court stated that the proceedings could be struck out if Twitter International Unlimited Company, the operator of the X platform, gave a permanent undertaking. The company committed to erasing and not further using any information of the EU and EEA users to develop, enhance, or train the “Grok” search service from 7 May 2024 to 1 August 2024.
The undertaking was made on behalf of Twitter International by Declan McGrath SC during the hearing before Ms Justice Leonie Reynolds. McGrath stated that the information had been already erased and there was no need for any additional orders from the court. Accordingly, the DPC agreed to the action being struck out, and Ms Justice Reynolds expressed her satisfaction with the outcome of the case.
The DPC filed the legal proceedings in August 2024. The DPC, through Remy Farrell SC and David Fennelly BL, sought specific injunctions against Twitter International to suspend, restrict, or prohibit the processing of personal data of X users for training purposes of AI systems such as “Grok. ” The DPC claimed that this was against the General Data Protection Regulation (GDPR), which is the legal framework for the protection of personal information within the EU.
Twitter International rejected the DPC’s allegations and stated that the company met all the requirements of the GDPR. At first, the company resisted the orders sought by the DPC, referring to them as “draconian” and noting that the measures suggested would hinder the crucial functions required for operating the X platform in the EU and EEA.
Although resistant at first, the issue was eventually settled through the permanent arrangement provided by Twitter International. The decision is the first in which an application for such orders was made under the 2018 Data Protection Act in the Irish courts. At the moment, the case has been dismissed, but the X platform operator is still required to follow the GDPR regulations and ensure that user data is processed and collected with the user’s permission.
Additionally, the UK Competition and Markets Authority (CMA) has approved Microsoft’s collaboration with Inflection AI. They stated that the partnership will not distort competition in the UK. This came after an initial phase one investigation that began in July had been precipitated by Microsoft poaching almost Inflection’s entire workforce, including its CEO Mustafa Suleyman.